Intrusion detection techniques and approaches

Verwoerd, Theuns; Hunt, Ray

doi:10.1016/s0140-3664(02)00037-3

Cited by 202 publications

(84 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Traditionally, intrusions detection systems are based on socalled signature methods [2,3]. These methods usually consist of applications that are the set of rules declared by an expert or a security officer.…”

Section: Related Workmentioning

confidence: 99%

Data Gathering and User Behavior Analysis System

Mashechkin¹,

Petrovskiy²,

Troshin³

et al. 2007

Proceedings of the Spring/Summer Young Researchers' Colloquium on Software Engineering

View full text Add to dashboard Cite

-In this paper we investigate the problem of development effective program security systems that are used for defense against internal intrusions. We offer technology for constructing systems that protect against the internal intrusions based on non signature methods. These systems possess autonomy, adaptability and self-teach properties. We propose methods for information gathering from log files, for data consolidation, for data presentation, transmitting and storing. And the security analyst console and consolidations subsystem architectures are proposed. We show the applicability of OLAP technology for collected data analysis. Also we offer data mining algorithms for user behavior model construction based on association rules. These models can be applied for users' activity description and visualization or for users' behavior abnormality detection, including potential threat from each user. An experimental system was verified using DARPA Intrusion Detection Evaluation Program methodic. The results are shown in the paper.

show abstract

Section: Related Workmentioning

confidence: 99%

Data Gathering and User Behavior Analysis System

Mashechkin¹,

Petrovskiy²,

Troshin³

et al. 2007

Proceedings of the Spring/Summer Young Researchers' Colloquium on Software Engineering

View full text Add to dashboard Cite

show abstract

“…While the phrase of every individuality, that is, instance network or system loosely defined, there is a large amount of partiality in which exactly establishes cyber terrorism. In an attempt to define cyber terrorism more logically (Theuns and Ray, 2002) a study is made of explanations and characteristics of terrorism and terrorist based actions. According to Symantec characteristics a list of characteristics for outdated as well as updated level of terrorism is developed.…”

Section: Introductionmentioning

confidence: 99%

Combating Cyber Terrorism-Assessment of Log for Malicious Signatures

Ethala¹

2013

American Journal of Applied Sciences

View full text Add to dashboard Cite

Enhancing security to the networks and preventing the cyber attacks is a major issue in all domains. In this study, a new class of cyber terrorism is addressed where mischievous and malicious behaviour is the root cause for the modification of network data stored in an open database. An attempt is made in this study to develop an algorithm that screens network, database results and detects anomalies in the input data that could have been revised by cyber-attacks, that is cyber terrorism. Combating Cyber Terrorism (CCT) Algorithm that is developed in this attempt uses multi path navigation based on six degree separation to analyze data flow inconsistency into bound and unbound values. This is the first such attempt made in this communication wherein the results presented clearly denote the reduced rate of cyber terrorism based attacks. Analysis of information in the unbound values determines whether the database value has been compromised for any attacks. Success has been achieved in reducing the false alarm rate. Future enhancement will be attempted in the entropical model for profiling the network agents for better performance.

show abstract

“…IDSs monitor the activity of the network with the purpose of identifying intrusive events and can take actions to abort these risky events. A wide range of techniques have been used to build IDSs, most of the reported and described in previous surveys [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15].…”

Section: Introductionmentioning

confidence: 99%

Multiagent Systems for Network Intrusion Detection: A Review

Herrero

Corchado

2009

Advances in Intelligent and Soft Computing

View full text Add to dashboard Cite

Abstract. More and more, Intrusion Detection Systems (IDSs) are seen as an important component in comprehensive security solutions. Thus, IDSs are common elements in modern infrastructures to enforce network policies. So far, plenty of techniques have been applied for the detection of intrusions, which has been reported in many surveys. This work focuses the development of network-based IDSs from an architectural point of view, in which multiagent systems are applied for the development of IDSs, presenting an up-to-date revision of the state of the art.

show abstract

Intrusion detection techniques and approaches

Cited by 202 publications

References 7 publications

Data Gathering and User Behavior Analysis System

Data Gathering and User Behavior Analysis System

Combating Cyber Terrorism-Assessment of Log for Malicious Signatures

Multiagent Systems for Network Intrusion Detection: A Review

Contact Info

Product

Resources

About